Re: [dmarc-ietf] Consensus Sought - Ticket #47 (Removal of "pct" tag) - With Interim Notes

Fri, 28 May 2021 10:20:28 -0700 

On Fri 28/May/2021 17:43:37 +0200 Todd Herr wrote:



Consensus on Ticket #47 <https://trac.ietf.org/trac/dmarc/ticket/47> (Removal 
of "pct" tag) was reached during the May 27 DMARC Interim to keep the tag, but 
to rewrite its definition in whole or in part to make its usage better understood.




I think the text in RFC 7489 is quite good.  Perhaps a word could be added for 
pct=0; for example:


OLD
   pct:  (plain-text integer between 0 and 100, inclusive; OPTIONAL;
      default is 100).  Percentage of messages from the Domain Owner's
      mail stream to which the DMARC policy is to be applied.  However,
      this MUST NOT be applied to the DMARC-generated reports, all of
      which must be sent and received unhindered.  The purpose of the
      "pct" tag is to allow Domain Owners to enact a slow rollout
      enforcement of the DMARC mechanism.  The prospect of "all or
      nothing" is recognized as preventing many organizations from
      experimenting with strong authentication-based mechanisms.  See
      Section 6.6.4 for details.  Note that random selection based on
      this percentage, such as the following pseudocode, is adequate:

       if (random mod 100) < pct then
         selected = true
       else
         selected = false

NEW
   pct:  (plain-text integer between 0 and 100, inclusive; OPTIONAL;
      default is 100).  Percentage of messages from the Domain Owner's
      mail stream to which the DMARC policy is to be applied.  However,
      this MUST NOT be applied to any other use, such as skipping DMARC
      reports or demeaning a domain's policy.  The purpose of the
      "pct" tag is to allow Domain Owners to enact a slow rollout
      enforcement of the DMARC mechanism.  Using this tag, organizations
      can experiment with strong authentication-based mechanisms while
      lowering or even voiding the risk of non-delivery.  See Section 6.6.4
      for details.  Note that random selection based on this percentage,
      such as the following pseudocode, is adequate:

       if (random mod 100) < pct then
         selected = true
       else
         selected = false

jm2c
Ale
--





















_______________________________________________
dmarc mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dmarc






















					Reply via email to